Jump to content

incognita

Members
 View Profile  See their activity

  • Posts

    3

  • Joined

  • Last visited

 Content Type 

Everything posted by incognita

  1. incognita
    Here are my logs per Maniac's request . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2012-11-20.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume1 Install Date: 4/1/2011 8:32:48 AM System Uptime: 5/25/2013 11:00:41 PM (16 hours ago) . Motherboard: TOSHIBA | | Portable PC Processor: Intel® Celeron® CPU 900 @ 2.20GHz | CPU | 2194/800mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 222 GiB total, 180.296 GiB free. D: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318} Description: avast! SecureLine TAP Adapter Device ID: ROOT\NET\0000 Manufacturer: TAP-Windows Provider V9 Name: avast! SecureLine TAP Adapter PNP Device ID: ROOT\NET\0000 Service: tap0901 . ==== System Restore Points =================== . RP332: 5/26/2013 3:19:47 PM - Scheduled Checkpoint . ==== Installed Programs ====================== . Ad-Aware Antivirus Ad-Aware Security Add-on Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader 9.5.0 Apple Application Support Apple Mobile Device Support Apple Software Update Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver Atheros Driver Installation Program avast! Free Antivirus Bandisoft MPEG-1 Decoder Best Buy pc app Blingee Toolbar CCleaner Conexant HD Audio CORE Client DragonNest EPSON USB Display Google Chrome Google Update Helper Happy Cloud Client Intel® Graphics Media Accelerator Driver Intel® Matrix Storage Manager Itibiti RTC iTunes Java 7 Update 21 (64-bit) Java Auto Updater Kaspersky Security Scan KeePass Password Safe 1.25 Malwarebytes Anti-Malware version 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office Click-to-Run 2010 Microsoft Office Starter 2010 - English Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2005 Redistributable (x64) Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 Mozilla Firefox 21.0 (x86 en-US) Mozilla Maintenance Service MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Pando Media Booster PlayReady PC Runtime amd64 PreReq QuickTime Realtek USB 2.0 Card Reader Revo Uninstaller 1.94 Samsung New PC Studio SAMSUNG USB Driver for Mobile Phones Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405) Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Skype Click to Call Skype™ 6.3 Spybot - Search & Destroy Synaptics Pointing Device Driver System Requirements Lab for Intel TOSHIBA Application Installer TOSHIBA Assist Toshiba Book Place TOSHIBA Bulletin Board TOSHIBA Disc Creator TOSHIBA Hardware Setup TOSHIBA HDD/SSD Alert TOSHIBA Media Controller TOSHIBA Media Controller Plug-in TOSHIBA Quality Application TOSHIBA Recovery Media Creator TOSHIBA ReelTime TOSHIBA Service Station TOSHIBA Supervisor Password TOSHIBA Value Added Package ToshibaRegistration Update for Microsoft .NET Framework 4 Client Profile (KB2468871) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft .NET Framework 4 Client Profile (KB2533523) Update for Microsoft .NET Framework 4 Client Profile (KB2600217) Update for Microsoft .NET Framework 4 Extended (KB2468871) Update for Microsoft .NET Framework 4 Extended (KB2533523) Update for Microsoft .NET Framework 4 Extended (KB2600217) Windows Live Mesh ActiveX Control for Remote Connections Windows Live OneCare safety scanner Windows Media Encoder 9 Series WinRAR 4.00 (32-bit) Yahoo! Toolbar . ==== Event Viewer Messages From Past Week ======== . 5/25/2013 9:56:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 40 time(s). 5/25/2013 9:56:35 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 39 time(s). 5/25/2013 9:55:18 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 38 time(s). 5/25/2013 9:54:32 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 37 time(s). 5/25/2013 9:52:33 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 36 time(s). 5/25/2013 9:51:08 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 35 time(s). 5/25/2013 9:50:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 34 time(s). 5/25/2013 9:50:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 33 time(s). 5/25/2013 9:49:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 32 time(s). 5/25/2013 9:41:40 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 31 time(s). 5/25/2013 9:40:18 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 30 time(s). 5/25/2013 9:40:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 29 time(s). 5/25/2013 9:40:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 28 time(s). 5/25/2013 9:39:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 27 time(s). 5/25/2013 9:39:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 26 time(s). 5/25/2013 9:39:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 25 time(s). 5/25/2013 9:39:07 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 24 time(s). 5/25/2013 9:39:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 23 time(s). 5/25/2013 9:39:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 22 time(s). 5/25/2013 9:38:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 21 time(s). 5/25/2013 9:38:57 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 20 time(s). 5/25/2013 9:38:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 19 time(s). 5/25/2013 9:38:47 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 18 time(s). 5/25/2013 9:38:46 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 17 time(s). 5/25/2013 9:38:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 16 time(s). 5/25/2013 9:38:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 15 time(s). 5/25/2013 9:33:05 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 14 time(s). 5/25/2013 9:26:09 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 13 time(s). 5/25/2013 9:19:38 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 12 time(s). 5/25/2013 9:19:37 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 11 time(s). 5/25/2013 9:19:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 10 time(s). 5/25/2013 9:15:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 9 time(s). 5/25/2013 9:11:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 8 time(s). 5/25/2013 9:10:10 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 7 time(s). 5/25/2013 9:09:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 6 time(s). 5/25/2013 9:09:55 PM, Error: Service Control Manager [7023] - The Windows Search service terminated with the following error: The file or directory is corrupted and unreadable. 5/25/2013 9:09:51 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 5 time(s). 5/25/2013 9:08:53 PM, Error: Service Control Manager [7034] - The EMP_UDSA service terminated unexpectedly. It has done this 1 time(s). 5/25/2013 9:07:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 4 time(s). 5/25/2013 9:07:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 3 time(s). 5/25/2013 9:07:21 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 5/25/2013 9:07:21 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-2147217025. 5/25/2013 9:06:56 PM, Error: Service Control Manager [7031] - The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. 5/25/2013 9:06:41 PM, Error: Service Control Manager [7024] - The Windows Search service terminated with service-specific error %%-1073473535. 5/25/2013 9:06:36 PM, Error: Service Control Manager [7023] - The Superfetch service terminated with the following error: The file or directory is corrupted and unreadable. 5/25/2013 8:17:24 PM, Error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The dependency service or group failed to start. 5/25/2013 8:14:36 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error: The dependency service or group failed to start. 5/25/2013 8:14:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 5/25/2013 8:14:30 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 5/25/2013 8:14:19 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 5/25/2013 8:14:10 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 5/25/2013 8:14:04 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache ElRawDisk MpFilter spldr SRTSP SRTSPX Wanarpv6 WSREGMON 5/25/2013 8:14:00 PM, Error: Service Control Manager [7001] - The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error: The dependency service or group failed to start. 5/25/2013 5:38:24 AM, Error: Service Control Manager [7030] - The PEVSystemStart service is marked as an interactive service. However, the system is configured to not allow interactive services. This service may not function properly. 5/25/2013 5:06:17 AM, Error: Application Popup [1060] - \??\C:\ComboFix\catchme.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 5/25/2013 4:34:34 AM, Error: Service Control Manager [7011] - A timeout (30000 milliseconds) was reached while waiting for a transaction response from the MBAMService service. 5/25/2013 4:27:21 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service defragsvc with arguments "" in order to run the server: {D20A3293-3341-4AE8-9AAF-8E397CB63C34} 5/25/2013 3:46:39 AM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service MSIServer with arguments "" in order to run the server: {000C101C-0000-0000-C000-000000000046} 5/25/2013 3:41:34 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: aswRvrt aswSnx aswSP aswTdi aswVmm discache ElRawDisk spldr SRTSP SRTSPX Wanarpv6 WSREGMON 5/25/2013 3:40:14 AM, Error: Service Control Manager [7043] - The Group Policy Client service did not shut down properly after receiving a preshutdown control. 5/25/2013 11:01:57 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SRTSP WSREGMON 5/25/2013 11:00:46 PM, Error: SRTSP [5] - Error loading Symantec real time Anti-Virus driver. 5/25/2013 11:00:46 PM, Error: SRTSP [4] - Error loading virus definitions. 5/25/2013 10:45:38 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume C:. 5/25/2013 10:45:29 PM, Error: Service Control Manager [7023] - The Peer Name Resolution Protocol service terminated with the following error: The file or directory is corrupted and unreadable. 5/25/2013 10:45:29 PM, Error: Service Control Manager [7001] - The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error: The file or directory is corrupted and unreadable. 5/25/2013 10:45:29 PM, Error: Microsoft-Windows-PNRPSvc [102] - The Peer Name Resolution Protocol cloud did not start because the creation of the default identity failed with error code: 0x80070570. 5/25/2013 10:44:33 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 92 time(s). 5/25/2013 10:44:33 PM, Error: Service Control Manager [7023] - The Windows Search service terminated with the following error: The system cannot find the path specified. 5/25/2013 10:44:21 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 91 time(s). 5/25/2013 10:43:16 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 90 time(s). 5/25/2013 10:42:24 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 89 time(s). 5/25/2013 10:35:23 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 88 time(s). 5/25/2013 10:34:59 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 87 time(s). 5/25/2013 10:34:55 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 86 time(s). 5/25/2013 10:34:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 85 time(s). 5/25/2013 10:34:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 84 time(s). 5/25/2013 10:34:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 83 time(s). 5/25/2013 10:29:45 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 82 time(s). 5/25/2013 10:29:39 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 81 time(s). 5/25/2013 10:29:27 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 80 time(s). 5/25/2013 10:29:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 79 time(s). 5/25/2013 10:29:20 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 78 time(s). 5/25/2013 10:29:08 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 77 time(s). 5/25/2013 10:29:05 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 76 time(s). 5/25/2013 10:29:04 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 75 time(s). 5/25/2013 10:29:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 74 time(s). 5/25/2013 10:28:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 73 time(s). 5/25/2013 10:28:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 72 time(s). 5/25/2013 10:28:49 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 71 time(s). 5/25/2013 10:27:25 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 70 time(s). 5/25/2013 10:16:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 69 time(s). 5/25/2013 10:16:37 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 68 time(s). 5/25/2013 10:15:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 67 time(s). 5/25/2013 10:15:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 66 time(s). 5/25/2013 10:14:47 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 65 time(s). 5/25/2013 10:13:03 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 64 time(s). 5/25/2013 10:12:48 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 63 time(s). 5/25/2013 10:12:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 62 time(s). 5/25/2013 10:12:29 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 61 time(s). 5/25/2013 10:11:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 60 time(s). 5/25/2013 10:11:28 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 59 time(s). 5/25/2013 10:11:02 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 58 time(s). 5/25/2013 10:10:41 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 57 time(s). 5/25/2013 10:10:31 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 56 time(s). 5/25/2013 10:10:27 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 55 time(s). 5/25/2013 10:10:00 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 54 time(s). 5/25/2013 10:09:59 PM, Error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume TI105952W0C. 5/25/2013 10:09:53 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 53 time(s). 5/25/2013 10:09:52 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 52 time(s). 5/25/2013 10:09:36 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 51 time(s). 5/25/2013 10:09:34 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 50 time(s). 5/25/2013 10:09:07 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 49 time(s). 5/25/2013 10:08:35 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 48 time(s). 5/25/2013 10:08:26 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 47 time(s). 5/25/2013 10:08:15 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 46 time(s). 5/25/2013 10:07:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 45 time(s). 5/25/2013 10:06:24 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 44 time(s). 5/25/2013 10:06:19 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 43 time(s). 5/25/2013 10:06:16 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 42 time(s). 5/25/2013 10:00:54 PM, Error: Service Control Manager [7034] - The Windows Search service terminated unexpectedly. It has done this 41 time(s). 5/25/2013 1:49:57 PM, Error: Service Control Manager [7034] - The Skype C2C Service service terminated unexpectedly. It has done this 1 time(s). 5/24/2013 7:49:40 AM, Error: Service Control Manager [7034] - The COMODO Virtual Service Manager service terminated unexpectedly. It has done this 1 time(s). 5/24/2013 4:41:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cmdGuard discache ElRawDisk spldr SRTSP SRTSPX Wanarpv6 WSREGMON 5/24/2013 3:36:27 PM, Error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. 5/23/2013 10:26:49 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: CFRMD SRTSP WSREGMON 5/20/2013 8:01:19 AM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80070643: Skype 5.10 for Windows (KB2727727). . ==== End Of File =========================== DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 10.0.9200.16576 Run by Owner at 15:31:11 on 2013-05-26 Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.1916.659 [GMT -4:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} AV: Lavasoft Ad-Aware *Disabled/Updated* {E0D97DD4-42BA-B3F2-A5A7-22E9ACE81FC7} AV: Norton Internet Security *Disabled/Updated* {88C95A36-8C3B-2F2C-1B8B-30FCCFDC4855} AV: Microsoft Security Essentials *Disabled/Updated* {3F839487-C7A2-C958-E30C-E2825BA31FB5} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Lavasoft Ad-Aware *Disabled/Updated* {5BB89C30-6480-BC7C-9F17-199BD76F557A} SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0} SP: Norton Internet Security *Disabled/Updated* {33A8BBD2-AA01-20A2-213B-0B8EB45B02E8} SP: Microsoft Security Essentials *Disabled/Updated* {84E27563-E198-C6D6-D9BC-D9F020245508} FW: Lavasoft Ad-Aware *Disabled* {D8E2FCF1-08D5-B2AA-8EF8-8BDC523B58BC} FW: Norton Internet Security *Disabled* {B0F2DB13-C654-2E74-30D4-99C9310F0F2E} . ============== Running Processes =============== . C:\windows\system32\lsm.exe C:\windows\system32\svchost.exe -k DcomLaunch C:\windows\system32\svchost.exe -k RPCSS c:\Program Files\Microsoft Security Client\MsMpEng.exe C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\windows\system32\svchost.exe -k LocalService C:\windows\system32\svchost.exe -k netsvcs C:\windows\system32\svchost.exe -k GPSvcGroup C:\windows\system32\svchost.exe -k NetworkService C:\Program Files\AVAST Software\Avast\AvastSvc.exe C:\windows\System32\spoolsv.exe C:\windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe C:\windows\system32\taskhost.exe C:\windows\Explorer.EXE C:\windows\system32\Dwm.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\windows\system32\svchost.exe -k imgsvc C:\windows\system32\SearchIndexer.exe C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files\Windows Media Player\wmpnetwk.exe C:\windows\System32\svchost.exe -k LocalServicePeerNet C:\windows\system32\svchost.exe -k SDRSVC C:\windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe C:\Program Files (x86)\adawaretb\ffHelper.exe C:\ProgramData\Search Protection\SearchProtection.exe C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe C:\windows\system32\taskhost.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\servicing\TrustedInstaller.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\windows\system32\SearchProtocolHost.exe C:\windows\system32\SearchFilterHost.exe C:\windows\system32\wbem\wmiprvse.exe C:\windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=A3983B94A04808C9EE08C151A193B977 uProxyServer = localhost:21320 uProxyOverride = <local> uURLSearchHooks: <No Name>: - LocalServer32 - <no file> BHO: MRI_DISABLED - <orphaned> BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned> TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Ad-Aware Security Add-on: {6c97a91e-4524-4019-86af-2aa2d567bf5c} - C:\Program Files (x86)\adawaretb\adawareDx.dll uRun: [KSS] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe" /autorun uRunOnce: [adawarebp] reg.exe delete "HKCU\Software\AppDataLow\Software\adawarebp" /f uRunOnce: [adawarebp_XP] reg.exe delete "HKCU\Software\adawarebp" /f mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [Ad-Aware Browsing Protection] "C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe" mRun: [searchProtection] C:\ProgramData\Search Protection\_run.bat mRun: [Ad-Aware Antivirus] "C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareLauncher" --windows-run mRun: [sDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" uPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDrives = dword:0 mPolicies-System: ConsentPromptBehaviorAdmin = dword:5 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableUIADesktopToggle = dword:0 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} - hxxp://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab TCP: NameServer = 192.168.1.1 TCP: Interfaces\{9E067249-1773-4CA2-8099-C3527CF63A92} : DHCPNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> x64-BHO: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Skype add-on for Internet Explorer: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll x64-Run: [HotKeysCmds] C:\windows\System32\hkcmd.exe x64-Run: [Persistence] C:\windows\System32\igfxpers.exe x64-Run: [igfxTray] C:\windows\System32\igfxtray.exe x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7qvr9l9y.default\ FF - prefs.js: browser.search.selectedEngine - Yahoo FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://us.search.yahoo.com/search?fr=ytff-comodo&p= FF - prefs.js: browser.search.selectedEngine - SecureSearch FF - prefs.js: browser.startup.homepage - hxxp://securesearch.lavasoft.com/?source=f439e2c0&tbp=homepage&toolbarid=adawaretb&v=2_5&u=A3983B94A04808C9EE08C151A193B977 FF - plugin: C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20125.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll FF - plugin: C:\ProgramData\NexonUS\NGM\npNxGameUS.dll FF - plugin: C:\Users\Owner\AppData\Local\Google\Update\1.3.21.145\npGoogleUpdate3.dll FF - plugin: C:\Users\Owner\AppData\Roaming\raidcall\plugins\nprcplugin.dll FF - plugin: C:\windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll FF - plugin: C:\windows\SysWOW64\npDeployJava1.dll FF - plugin: C:\windows\SysWOW64\npmproxy.dll FF - ExtSQL: 2013-03-29 21:32; artur.dubovoy@gmail.com; C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\7qvr9l9y.default\extensions\artur.dubovoy@gmail.com.xpi FF - ExtSQL: 2013-05-24 19:06; wrc@avast.com; C:\Program Files\AVAST Software\Avast\WebRep\FF . ============= SERVICES / DRIVERS =============== . R0 aswRvrt;aswRvrt;C:\windows\System32\drivers\aswRvrt.sys [2013-3-18 65336] R0 aswVmm;aswVmm;C:\windows\System32\drivers\aswVmm.sys [2013-3-18 189936] R0 MpFilter;Microsoft Malware Protection Driver;C:\windows\System32\drivers\MpFilter.sys [2013-1-20 230320] R1 aswSnx;aswSnx;C:\windows\System32\drivers\aswSnx.sys [2013-5-24 1025808] R1 aswSP;aswSP;C:\windows\System32\drivers\aswSP.sys [2013-5-24 378432] R1 ElRawDisk;ElRawDisk;C:\windows\System32\drivers\rsdrvx64.sys [2012-8-24 26024] R2 Ad-Aware Service;Ad-Aware Service;C:\Program Files (x86)\Ad-Aware Antivirus\AdAwareService.exe [2013-3-18 1236336] R2 aswFsBlk;aswFsBlk;C:\windows\System32\drivers\aswFsBlk.sys [2013-5-24 33400] R2 aswMonFlt;aswMonFlt;C:\windows\System32\drivers\aswMonFlt.sys [2013-5-24 80816] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-5-24 46808] R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2012-1-4 822624] R2 EMP_UDSA;EMP_UDSA;C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe [2012-6-16 104424] R2 KSS;Kaspersky Security Scan Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [2012-4-25 202296] R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2012-11-27 418376] R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe [2011-4-1 126904] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2013-5-26 1817560] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2013-5-26 1033688] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2013-5-26 171928] R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2011-10-1 508776] R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-4-15 3289208] R3 FwLnk;FwLnk Driver;C:\windows\System32\drivers\FwLnk.sys [2011-4-1 9216] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;C:\windows\System32\drivers\L1C62x64.sys [2011-4-20 169584] R3 MBAMProtector;MBAMProtector;C:\windows\System32\drivers\mbam.sys [2011-8-24 25928] R3 Sftfs;Sftfs;C:\windows\System32\drivers\Sftfslh.sys [2011-10-1 764264] R3 Sftplay;Sftplay;C:\windows\System32\drivers\Sftplaylh.sys [2011-10-1 268648] R3 Sftredir;Sftredir;C:\windows\System32\drivers\Sftredirlh.sys [2011-10-1 25960] R3 Sftvol;Sftvol;C:\windows\System32\drivers\Sftvollh.sys [2011-10-1 22376] R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2011-10-1 219496] S0 gfibto;gfibto;C:\windows\System32\drivers\gfibto.sys [2013-5-26 14456] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2011-8-24 701512] S2 SBAMSvc;Ad-Aware;C:\Program Files (x86)\Ad-Aware Antivirus\SBAMSvc.exe [2012-9-20 3677000] S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-4-19 161384] S3 NisDrv;Microsoft Network Inspection System;C:\windows\System32\drivers\NisDrvWFP.sys [2013-1-20 130008] S3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2013-1-27 379360] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\windows\System32\drivers\rdpvideominiport.sys [2013-2-16 19456] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\windows\System32\drivers\RtsUStor.sys [2011-4-1 232992] S3 ssecbus;Samsung Mobile Modem Device driver (WDM);C:\windows\System32\drivers\ssecbus.sys [2013-5-23 113664] S3 ssecmdfl;Samsung Mobile Modem Device 2 Filter;C:\windows\System32\drivers\ssecmdfl.sys [2013-5-23 18944] S3 ssecmdm;Samsung Mobile Modem Device 2 Driver;C:\windows\System32\drivers\ssecmdm.sys [2013-5-23 152064] S3 TFsExDisk;TFsExDisk;C:\windows\System32\drivers\TFsExDisk.sys [2012-7-12 16448] S3 TsUsbFlt;TsUsbFlt;C:\windows\System32\drivers\TsUsbFlt.sys [2013-2-16 57856] S3 USBAAPL64;Apple Mobile USB Driver;C:\windows\System32\drivers\usbaapl64.sys [2011-8-2 51712] S3 WatAdminSvc;Windows Activation Technologies Service;C:\windows\System32\Wat\WatAdminSvc.exe [2011-4-1 1255736] S4 TMachInfo;TMachInfo;C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2011-4-1 51512] S4 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560] . =============== Created Last 30 ================ . 2013-05-26 05:04:32 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy 2013-05-26 05:03:57 17272 ----a-w- C:\windows\System32\sdnclean64.exe 2013-05-26 05:03:37 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2 2013-05-26 04:57:31 -------- d-----w- C:\Users\Owner\AppData\Roaming\LavasoftStatistics 2013-05-26 04:57:09 -------- d-----w- C:\ProgramData\Ad-Aware Antivirus 2013-05-26 04:47:47 -------- d-----w- C:\Program Files (x86)\Ad-Aware Antivirus 2013-05-26 04:47:20 -------- d-----w- C:\ProgramData\Downloaded Installations 2013-05-26 04:47:16 -------- d-----w- C:\ProgramData\Search Protection 2013-05-26 04:47:13 -------- d-----w- C:\ProgramData\blekko toolbars 2013-05-26 04:47:13 -------- d-----w- C:\ProgramData\adawaretb 2013-05-26 04:47:12 -------- d-----w- C:\Users\Owner\AppData\Local\adawarebp 2013-05-26 04:47:11 -------- d-----w- C:\ProgramData\Ad-Aware Browsing Protection 2013-05-26 04:47:02 -------- d-----w- C:\Program Files (x86)\Toolbar Cleaner 2013-05-26 04:46:50 -------- d-----w- C:\Program Files (x86)\adawaretb 2013-05-26 04:44:58 47496 ----a-w- C:\windows\System32\sbbd.exe 2013-05-26 04:44:58 14456 ----a-w- C:\windows\System32\drivers\gfibto.sys 2013-05-26 04:44:46 -------- d-----w- C:\Users\Owner\AppData\Roaming\Ad-Aware Antivirus 2013-05-26 04:29:21 -------- d-----w- C:\ProgramData\Kaspersky Lab 2013-05-26 04:29:21 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab 2013-05-26 04:11:44 -------- d-----w- C:\Program Files (x86)\ESET 2013-05-25 22:42:24 -------- d-----w- C:\ProgramData\Malwarebytes' Anti-Malware (portable) 2013-05-25 22:39:31 -------- d-----w- C:\Program Files (x86)\Maleware Bytes Anti-Rootkit 2013-05-25 19:13:50 9460464 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{221D8DE0-9D32-40B9-BC17-FD6CB4859C3B}\mpengine.dll 2013-05-25 18:36:22 -------- d-----w- C:\Program Files (x86)\VS Revo Group 2013-05-25 18:08:05 -------- d-----w- C:\Users\Owner\AppData\Roaming\KeePass 2013-05-25 18:07:22 -------- d-----w- C:\Program Files (x86)\KeePass Password Safe 2013-05-25 18:00:24 -------- d-sh--w- C:\$RECYCLE.BIN 2013-05-25 11:48:29 964552 ----a-w- C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{189974DF-62F9-4828-8814-F162BF0A6F2D}\gapaengine.dll 2013-05-25 11:41:31 -------- d-----w- C:\Program Files (x86)\Microsoft Security Client 2013-05-25 11:41:20 -------- d-----w- C:\Program Files\Microsoft Security Client 2013-05-25 05:49:23 9460464 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{7F26B790-C55B-43DE-8977-A8F3A5D2EA0D}\mpengine.dll 2013-05-25 01:02:43 -------- d-----w- C:\ProgramData\BlueStacks 2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin5.dll 2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin4.dll 2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin3.dll 2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin2.dll 2013-05-25 00:35:26 159744 ----a-w- C:\Program Files\Internet Explorer\Plugins\npqtplugin.dll 2013-05-25 00:12:20 971680 ----a-w- C:\windows\System32\deployJava1.dll 2013-05-25 00:12:20 1092512 ----a-w- C:\windows\System32\npDeployJava1.dll 2013-05-25 00:12:12 108448 ----a-w- C:\windows\System32\WindowsAccessBridge-64.dll 2013-05-24 23:07:24 72016 ----a-w- C:\windows\System32\drivers\aswRdr2.sys 2013-05-24 23:07:20 1025808 ----a-w- C:\windows\System32\drivers\aswSnx.sys 2013-05-24 23:07:18 80816 ----a-w- C:\windows\System32\drivers\aswMonFlt.sys 2013-05-24 23:06:26 41664 ----a-w- C:\windows\avastSS.scr 2013-05-24 23:06:14 40616 ----a-w- C:\windows\System32\drivers\tap0901.sys 2013-05-24 17:27:29 -------- d-----w- C:\Users\Owner\AppData\Roaming\Comodo 2013-05-24 04:20:47 -------- d-----w- C:\Users\Owner\AppData\Roaming\DriverCure 2013-05-24 00:23:35 -------- d-----w- C:\Users\Owner\AppData\Local\Neptune 2013-05-23 13:28:13 348160 ----a-w- C:\windows\SysWow64\msvcr71.dll 2013-05-23 13:28:13 1060864 ----a-w- C:\windows\SysWow64\mfc71.dll 2013-05-23 04:19:26 18944 ----a-w- C:\windows\System32\drivers\ssecmdfl.sys 2013-05-23 04:19:26 15872 ----a-w- C:\windows\System32\drivers\ssecwhnt.sys 2013-05-23 04:19:26 15872 ----a-w- C:\windows\System32\drivers\ssecwh.sys 2013-05-23 04:19:26 152064 ----a-w- C:\windows\System32\drivers\ssecmdm.sys 2013-05-23 04:19:26 14848 ----a-w- C:\windows\System32\drivers\sseccmnt.sys 2013-05-23 04:19:26 14848 ----a-w- C:\windows\System32\drivers\sseccm.sys 2013-05-23 04:19:26 113664 ----a-w- C:\windows\System32\drivers\ssecbus.sys 2013-05-23 04:15:48 -------- d-----w- C:\Program Files (x86)\Samsung 2013-05-23 04:13:22 -------- d-----w- C:\Users\Owner\AppData\Local\Downloaded Installations 2013-05-22 14:45:04 262552 ----a-w- C:\Program Files (x86)\Mozilla Firefox\browser\components\browsercomps.dll 2013-05-16 19:10:57 -------- d-----w- C:\Program Files (x86)\Common Files\Steam 2013-05-16 01:22:32 0 ----a-w- C:\windows\SysWow64\sho527.tmp 2013-05-16 00:15:22 983400 ----a-w- C:\windows\System32\drivers\dxgkrnl.sys 2013-05-16 00:15:21 265064 ----a-w- C:\windows\System32\drivers\dxgmms1.sys 2013-05-16 00:15:21 144384 ----a-w- C:\windows\System32\cdd.dll 2013-05-16 00:15:18 3153920 ----a-w- C:\windows\System32\win32k.sys 2013-05-16 00:14:38 1930752 ----a-w- C:\windows\System32\authui.dll 2013-05-16 00:14:35 111448 ----a-w- C:\windows\System32\consent.exe 2013-05-16 00:14:34 1796096 ----a-w- C:\windows\SysWow64\authui.dll 2013-05-16 00:14:33 70144 ----a-w- C:\windows\System32\appinfo.dll 2013-05-16 00:13:19 230400 ----a-w- C:\windows\System32\wwansvc.dll 2013-05-16 00:13:18 48640 ----a-w- C:\windows\System32\wwanprotdim.dll 2013-05-12 18:40:39 -------- d-----w- C:\Users\Owner\AppData\Roaming\QFX Software 2013-05-11 13:21:45 231376 ----a-w- C:\windows\System32\drivers\truecrypt.sys 2013-05-10 17:46:34 -------- d-----w- C:\Users\Owner\AppData\Roaming\TeamViewer 2013-05-10 17:14:31 1656680 ----a-w- C:\windows\System32\drivers\ntfs.sys 2013-05-10 13:50:37 -------- d-----w- C:\Users\Owner\AppData\Roaming\Vtools 2013-05-10 13:22:59 -------- d-----w- C:\Users\Owner\AppData\Local\SlimWare Utilities Inc 2013-05-08 02:25:11 19968 ----a-w- C:\windows\System32\drivers\usb8023.sys 2013-05-01 07:59:12 94208 ----a-w- C:\windows\SysWow64\QuickTimeVR.qtx 2013-05-01 07:59:12 69632 ----a-w- C:\windows\SysWow64\QuickTime.qts . ==================== Find3M ==================== . 2013-05-15 23:54:10 71048 ----a-w- C:\windows\SysWow64\FlashPlayerCPLApp.cpl 2013-05-15 23:54:10 692104 ----a-w- C:\windows\SysWow64\FlashPlayerApp.exe 2013-05-09 08:59:07 65336 ----a-w- C:\windows\System32\drivers\aswRvrt.sys 2013-05-09 08:59:07 189936 ----a-w- C:\windows\System32\drivers\aswVmm.sys 2013-05-02 15:29:56 278800 ------w- C:\windows\System32\MpSigStub.exe 2013-04-13 05:49:23 135168 ----a-w- C:\windows\apppatch\AppPatch64\AcXtrnal.dll 2013-04-13 05:49:19 350208 ----a-w- C:\windows\apppatch\AppPatch64\AcLayers.dll 2013-04-13 05:49:19 308736 ----a-w- C:\windows\apppatch\AppPatch64\AcGenral.dll 2013-04-13 05:49:19 111104 ----a-w- C:\windows\apppatch\AppPatch64\acspecfc.dll 2013-04-13 04:45:16 474624 ----a-w- C:\windows\apppatch\AcSpecfc.dll 2013-04-13 04:45:15 2176512 ----a-w- C:\windows\apppatch\AcGenral.dll 2013-04-05 06:52:14 2242048 ----a-w- C:\windows\System32\wininet.dll 2013-04-05 06:50:36 3958784 ----a-w- C:\windows\System32\jscript9.dll 2013-04-05 06:50:31 67072 ----a-w- C:\windows\System32\iesetup.dll 2013-04-05 06:50:31 136704 ----a-w- C:\windows\System32\iesysprep.dll 2013-04-05 05:28:24 1767424 ----a-w- C:\windows\SysWow64\wininet.dll 2013-04-05 05:26:26 2877440 ----a-w- C:\windows\SysWow64\jscript9.dll 2013-04-05 05:26:21 61440 ----a-w- C:\windows\SysWow64\iesetup.dll 2013-04-05 05:26:21 109056 ----a-w- C:\windows\SysWow64\iesysprep.dll 2013-04-05 04:43:00 2706432 ----a-w- C:\windows\System32\mshtml.tlb 2013-04-05 04:29:45 2706432 ----a-w- C:\windows\SysWow64\mshtml.tlb 2013-04-05 03:51:11 89600 ----a-w- C:\windows\System32\RegisterIEPKEYs.exe 2013-04-05 03:38:25 71680 ----a-w- C:\windows\SysWow64\RegisterIEPKEYs.exe 2013-04-04 18:50:32 25928 ----a-w- C:\windows\System32\drivers\mbam.sys 2013-03-19 06:04:06 5550424 ----a-w- C:\windows\System32\ntoskrnl.exe 2013-03-19 05:46:56 43520 ----a-w- C:\windows\System32\csrsrv.dll 2013-03-19 05:04:13 3968856 ----a-w- C:\windows\SysWow64\ntkrnlpa.exe 2013-03-19 05:04:10 3913560 ----a-w- C:\windows\SysWow64\ntoskrnl.exe 2013-03-19 04:47:50 6656 ----a-w- C:\windows\SysWow64\apisetschema.dll 2013-03-19 03:06:33 112640 ----a-w- C:\windows\System32\smss.exe . ============= FINISH: 15:31:59.75 =============== I DID initially find a trojan with MalwareBytes, I do not remember the exact name of it as I deleted it immediately. My computer is very slow, I cannot make certain changes to my programs, and everytime I try to either go to Facebook, or my email account my whole system freezes up for a good 3 minutes before it loads.
  2. incognita
    My computer is doing crazy stuff and I don't know how to fix it. This is the log from HijackThis. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 11:18:39 PM, on 5/25/2013 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v10.0 (10.00.9200.16576) CHROME: 27.0.1453.94 FIREFOX: 21.0 (en-US) Boot mode: Normal Running processes: C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Owner\Desktop\Computer Safety\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://us.yahoo.com?fr=fp-comodo R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: (no name) - MRI_DISABLED - (no file) O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O2 - BHO: (no name) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - (no file) O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing) O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing) O23 - Service: EMP_UDSA - SEIKO EPSON CORPORATION - C:\Program Files (x86)\EPSON Projector\EPSON USB Display V1.4\EMP_UDSA.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing) O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing) O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files (x86)\Norton Internet Security\Engine\18.0.0.128\ccSvcHst.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: Skype C2C Service - Skype Technologies S.A. - C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe O23 - Service: Print Spooler (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 6838 bytes
  3. incognita
    Had a friend of mine notify me yesterday that they were receiving multiple files from my email, that I never sent. Did a full scan with malwarebytes, and discovered a trojan. I am concerned that my system may have been infected with some sort of keylogger or worse. I am a huge noob when it comes to this kind of stuff, and am hoping someone can help me determine if my system is secure.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.